As a lot of you know when you get hacked one of the things that make the whole experience distressing is getting through to someone to reset your password and start the whole recovery process. Yes they've improved things over the years yet the fact remains that if you do see someone on your account it often doesn't matter how quickly you get through to someone on the phone or via a ticket - the damage is done within minutes

Now no longer. Blizzard have made an automated recovery system. Using this system you can get in quickly and lock your account down. A reset password email is sent out and a ticket is automatically generated.

Now in the interests of science I had a little play with it. My account has not been hacked btw. Here's how I went :

Page 1

Very large prominent disclaimers on making sure you have scanned your computer for every possible keylogger , tips on keeping your account secure , recommendation for getting a authenticator etc etc

Big Orange box with a checkbox that won't alllow you to go any further without making doubly down sure you're secured your end. "Is this computer secure? - During the next steps in the account recovery process, you will be providing us with detailed personal information to verify your identity. Thus, it is extremely important that your computer is secure before proceeding."

Very nice , very clear

Page 2

Asks you for your Battle.net email , First name and Last name. Gentlemen this is why you don't do account trading. Or account buying.

Page 3

Gives you a choice between answering your secret question or putting in the serial number off your CD Case thingy. You know the number that was on the front

Page 4

It's either this page or the page before where it recommends changing your email password as well. Or it could of been about changing your battle.net email. Either way another recommendation to change your email password as it could be compromised is very very nice.

Last Page.

Tells you exactly what's going to happen and what time frames to expect. Very nice.

Also has a few very detailed paragraphs on account security and how to follow everything up. By the end of all this your account is locked with an email sent for a password recovery. A ticket for the recovery of your items is also put in the queue and you get a ticket number for it.

I like how you get the ticket number right in the email to you. It means the rep you get on the phone can locate your recovery request. It could also mean in the future Blizzard may consider changing the automated phone system to add an option to put that in .... and automatically be forwarded to the spe******t involved with your case...or automatically read out a status report on your ticket.

Seriously putting the ticket number in on the email is awesome. I would love a system where you ring up , put in your ticket number and get an automated update on your recovery. Something like someone going "Your support ticket has been assigned to ______ They can see x items to recover. Recover has been in process for x days with an estimated y days left for z items. If your still wanting to talk to an operator please stay on the line now. if you get a message to say all lines are busy please redial until you get in the Queue. Have a nice day !"

PS Yes I've deleted my ticket out of the queue. And my account is unlocked now. The whole process was very fast and all happened in minutes. Yes you can now lock your account down in minutes assuming you've cleaned your computer out and your email has not been compromised

__________________
tuba_man on Apple test labs : "I imagine a brushed-aluminum room with a floor made of keyboards, each one plugged into a different test box somewhere. Someone is tasked with tossing a box full of cats (all wearing turtlenecks) into this room. If none of the systems catch fire within 30 minutes, testing is complete. Someone else must remove the cats. All have iPods." (http://community.livejournal.com/tec...t/2018070.html)

Glad to see Blizzard making it easier for stupid people to get their accounts back - hopefully make them smarter.

That's a tiny bit arrogant of you isn't it ?

Blaming the victim for the crime isn't it ? Like saying there's no burglary or robbery in the world today - clearly the victims asked for it by having a particular brand of lock on their door! Genius !

Tell me have you ever been hacked ? Known people that have been hacked ?

I do know people that have been hacked. I know people with extremely stringent security measures that have been hacked. I know people hired by the NSA and CIA that have been hacked. These are people that get paid to specialize in computer security. None of them were necessarily hacked for being stupid.

Sometimes its just simply having the bad luck on being lax in some aspect of their security. It doesn't make you stupid it merely means having bad luck.

Also there is no security system in the world that is 100% hacker proof. You can't guard against Zero day exploits. It is flawed reasoning to say everyone who gets hacked is stupid.

__________________
tuba_man on Apple test labs : "I imagine a brushed-aluminum room with a floor made of keyboards, each one plugged into a different test box somewhere. Someone is tasked with tossing a box full of cats (all wearing turtlenecks) into this room. If none of the systems catch fire within 30 minutes, testing is complete. Someone else must remove the cats. All have iPods." (http://community.livejournal.com/tec...t/2018070.html)

Glad to see Blizzard making it easier for stupid people to get their accounts back - hopefully make them smarter.

This is just plain ignorance. Plain and simple. I was [s]hacked[/s] compromised. It ended up being a hack embedded in the flash of a popular WoW information site where people go to get information about quests and items. No virus, no buying gold, to selling/buying accounts, no clicking on spam emails from nefarious sources pretending to be Blizzard.

Sure, I didn't have an authenticator at the time - but excuse me if I was pissed because the last authenticator I purchased died in 6 months and Blizzard said "so sorry, buy another one". OF course I have one now tied to my phone.

I don't expect you to understand - until you yourself get hacked - but it is NOT as cut and dried as you suggest.

In the world of languages, words change. It is a fact. While it is true that the vast majority of account compromises are not actually hacked and and the login information was learned via some phishing method, the term "hacked" is a nice quick simple term that people use to identify what happened. And it is not going away.

There are thousands of words in the English language alone that are not used today in the context of their original meaning. Take the word "decimate" - this word meant to "reduce by one of ten" and came from the practice of a punishment in the roman armies where if a unit did not perform they would kill one solider in ten as negative reinforcement. Today, we use the word to indicate that something has been utterly destroyed.

If someone says "My WoW account was hacked" and you know exactly what they meant, then the job of using language was successful in that communication occurred successfully.

Blaming the victim for the crime isn't it ? Like saying there's no burglary or robbery in the world today - clearly the victims asked for it by having a particular brand of lock on their door! Genius !

Tell me have you ever been hacked ? Known people that have been hacked ?

I do know people that have been hacked. I know people with extremely stringent security measures that have been hacked. I know people hired by the NSA and CIA that have been hacked. These are people that get paid to specialize in computer security. None of them were necessarily hacked for being stupid.

Sometimes its just simply having the bad luck on being lax in some aspect of their security. It doesn't make you stupid it merely means having bad luck.

Also there is no security system in the world that is 100% hacker proof. You can't guard against Zero day exploits. It is flawed reasoning to say everyone who gets hacked is stupid.

OK - lemme put it this way.

Someone whose account is compromised for WoW, didn't happen because someone "hacked" Blizzard or Blizzard's databases. If someone were to have done that, there would be massive numbers (and when i say massive, I mean MASSIVE) of people reporting their accounts being "hacked". Not the trickle there is now.

To answer your questions - no, I've never been hacked. And I've never had a virus on my computers. Because I use my head. I know not to go to links from Blizzard-looking emails. I verify the site I'm going to is actually the site I'm wanting. I don't click on random links to the WoW Armory and enter in my credentials.

Sometimes its just simply having the bad luck on being lax in some aspect of their security. It doesn't make you stupid it merely means having bad luck

Being lax MEANS you're stupid. The definition of lax (not strict or severe; careless or negligent shows that you're lazy, inattentive, not caring.

People using the same password everywhere. Going to random links, seeing a battle.net-looking login screen and entering in their credentials. People falling for fake emails, where just a cursory bit of attentiveness easy show they are fake, etc = stupidity.

I'm sorry if you don't agree, but it is.

Do people deserve their accounts to be compromised? Of course not. But them shunting responsibility off on someone else, for their ignorance and lax-ness, is more wrong, than them doing whatever caused their credentials to get compromised to begin with.

If someone says "My WoW account was hacked" and you know exactly what they meant, then the job of using language was successful in that communication occurred successfully.

That's fine - if you wish to continue doing the interpretation in your head, you can. I do it too. When they say "I was hacked" my brain translates it to "I was stupid, did something I shouldn't have done, but I refuse to admit any fault of my own - so I'll blame someone else and say "hacked"."

Someone whose account is compromised for WoW, didn't happen because someone "hacked" Blizzard or Blizzard's databases. If someone were to have done that, there would be massive numbers (and when i say massive, I mean MASSIVE) of people reporting their accounts being "hacked". Not the trickle there is now.

That would be hacking Blizzard's servers. Not someone's account.

To answer your questions - no, I've never been hacked. And I've never had a virus on my computers. Because I use my head. I know not to go to links from Blizzard-looking emails. I verify the site I'm going to is actually the site I'm wanting. I don't click on random links to the WoW Armory and enter in my credentials.

These are not the only ways to have your account compromised. Read above for an example about flash ads and zero-day exploits.

Being lax MEANS you're stupid. The definition of lax (not strict or severe; careless or negligent shows that you're lazy, inattentive, not caring.

People using the same password everywhere. Going to random links, seeing a battle.net-looking login screen and entering in their credentials. People falling for fake emails, where just a cursory bit of attentiveness easy show they are fake, etc = stupidity.

I would say that those two words have different meanings... Not to mention that calling someone stupid on these forums goes against our rules: 1. Post with respect and courtesy. Debate is fine ... so long as when you disagree with someone, you respond in a civilized and constructive manner.

That's fine - if you wish to continue doing the interpretation in your head, you can. I do it too. When they say "I was hacked" my brain translates it to "I was stupid, did something I shouldn't have done, but I refuse to admit any fault of my own - so I'll blame someone else and say "hacked"."

I am sorry for the way in which you see the world. Yes, I agree that some people simply do not think before risking their account. But to think that everyone who has their accounts compromised acts this way is just naive.

My interpretation is the correct one, and you know it.

Just because you think your opinion is the only correct one, does not make it so. That's a great lesson to learn and carry through life.

__________

Now. This thread is not about how people can get hacked or who gets blamed. It is about a new feature that enables you to lock your account quickly in the event that it gets compromised. I'm tempted to just delete everything here that's off-topic, but I hope that some people can learn something from the discussion.

__________________
"You'd be surprised how many people violate this simple principle every day of their lives and try to fit square pegs into round holes, ignoring the clear reality that Things Are As They Are." -Benjamin Hoff, The Tao of Pooh

Someone whose account is compromised for WoW, didn't happen because someone "hacked" Blizzard or Blizzard's databases. If someone were to have done that, there would be massive numbers (and when i say massive, I mean MASSIVE) of people reporting their accounts being "hacked". Not the trickle there is now.

Nice little back pedal you got there. Yet this isn't what you said above. You said above "People don't get hacked they are just stupid"

To answer your questions - no, I've never been hacked. And I've never had a virus on my computers. Because I use my head.

And I trust your not lax in your security methods? Not even once ? You've never been hacked therefore your smarter then those other guys who do.

I haven't been hacked either. And I don't do any special security steps other then not giving out my password to silly whispers or going to funny sites from an email.

But this does not mean that maybe one day I might get hacked. I'm not arrogant enough to say they I won't get hacked. I'm only Human and I might slip up once.

Being lax MEANS you're stupid. The definition of lax (not strict or severe; careless or negligent shows that you're lazy, inattentive, not caring.

People using the same password everywhere. Going to random links, seeing a battle.net-looking login screen and entering in their credentials. People falling for fake emails, where just a cursory bit of attentiveness easy show they are fake, etc = stupidity.

This is also covered in detail on the form. Also in the security page they recommend you go to.

__________________
tuba_man on Apple test labs : "I imagine a brushed-aluminum room with a floor made of keyboards, each one plugged into a different test box somewhere. Someone is tasked with tossing a box full of cats (all wearing turtlenecks) into this room. If none of the systems catch fire within 30 minutes, testing is complete. Someone else must remove the cats. All have iPods." (http://community.livejournal.com/tec...t/2018070.html)

Not the response I was expecting, that's for sure. As Maul's post mentioned, I was using 'get hacked' as shorthand for 'have their accounts compromised in one fashion or another, which may or may not have been their fault'.

Still, this will be an excellent tool to help people who do lose access to their accounts, whatever the cause.

I'm glad they finally added this feature. I hope it helps people moreso than having to just open a ticket and such, and I'm sure the response time will be faster! Also, GM Ticket wait times should go down immensely!

There is a difference between being naive and being stupid, just as there is a difference between reasonable debate and being an arrogant know-it-all asshat who thinks they're smarter than the rest of the world. I'll leave it at that.

The feature is great and I look forward to my simple tickets being answered sooner because of it. My last one was for a couple of AH spammers who were flooding Strange Dust x1 for pages on end. Took 3 days before they got to it.

__________________

Originally posted by Mirrikat45 so says the 1/2 million downloads per week.......

Impossible statistics = FAIL!! But don't point this out, or your post will be deleted!

There really tends to be no sympathy for people who have their accounts compromised. One of the fella's from The Instance had is account compromised in the past - and he never got to the root of it either.

Having the authenticator is the key. Would not surprise me if one day that is not enough.

I apologize for getting so defensive in my previous post - but it really irks me when people ASSume you are an idiot - or naive - and those are the only two paths that can lead to account compromising. FLASH WAS HACKED - didn't last long, it got 100's of 1000's of people. My brother got hit - he turned off his authenticator for 1 day because he got a new phone, and was transferring the authenticator to the new one - BAM - compromised - same deal - no email clicky, no gold or account buying or selling - SIMPLY VISITING A WEBSITE. Did I mention this happened to more than a hundred thousand people? I might have

Hacked, compromised, whatever - keep up the smugness and karma will come around and chop off your head, hold it in its hands, and laugh at you.

Flarin, even an authenticator isn't enough. Several months ago, already, it was discovered that there were some man-in-the-middle style password stealing compromise methods in use. They could only get into your account in a single, approximately 30-second, timeframe, but once in they could do what they wanted.

They were running a keylogger with active communication, it detected WoW starting, recorded your username, password, and auth code, and immediately transmitted that to another computer that then logged into your account while the authenticator code was still "active". Having an authenticator is MORE secure, but is not completely secure.

Flarin, even an authenticator isn't enough. Several months ago, already, it was discovered that there were some man-in-the-middle style password stealing compromise methods in use. They could only get into your account in a single, approximately 30-second, timeframe, but once in they could do what they wanted.

They were running a keylogger with active communication, it detected WoW starting, recorded your username, password, and auth code, and immediately transmitted that to another computer that then logged into your account while the authenticator code was still "active". Having an authenticator is MORE secure, but is not completely secure.

Truly scary stuff - not so much for my in-game characters or whatever, just brings to light how dicey the net is for any personal data.

__________________
"You'd be surprised how many people violate this simple principle every day of their lives and try to fit square pegs into round holes, ignoring the clear reality that Things Are As They Are." -Benjamin Hoff, The Tao of Pooh

I gave this a go so you guys wouldn't have to. So please no playing around with this form just to see how it works.The poor overworked Blizzard peoples don't need to be going around deleting tickets

I have also not found anything about it being possible on eu.battle.net yet ... anyone found anything on them bringing it out for the European guys and gals ?

__________________
tuba_man on Apple test labs : "I imagine a brushed-aluminum room with a floor made of keyboards, each one plugged into a different test box somewhere. Someone is tasked with tossing a box full of cats (all wearing turtlenecks) into this room. If none of the systems catch fire within 30 minutes, testing is complete. Someone else must remove the cats. All have iPods." (http://community.livejournal.com/tec...t/2018070.html)